When comparing the evolution in market share of Linux and OpenBSD, two operating systems that were born around the same time, a question comes to mind: why is there such a difference in market penetration? Linux, on one side of the spectrum, with a license that supposedly impairs commercial venues, has enticed companies and organizations to adopt and support it under varying commercial models, while the BSD derivatives (FreeBSD, OpenBSD and NetBSD), with a longer history and an allegedly more commercially friendly license, haven't been as successful in gathering a large installed base and widespread adoption.

If OpenBSD weren't actively hostile against blobs and other proprietary stuff I wouldn't use it. Or maybe I'd still use it - lacking any really free alternative - because of its strong adherence to the original UNIX principles. OpenBSD developers care a lot about code quality and security, beyond the buzzwords of the moment.

OpenBSD is an OS by and for hackers of the movie-unfriendly variety. Nothing to do with Linux. That doesn't mean I can't watch YouTube, DVDs, play 3D games, connect to encrypted wireless, draw using a Wacom tablet or edit W*rd documents. Anything that can be supported using open source software is there or on its way as long as you buy the right hardware, and I, for one, don't want to be supporting the closed vendors.

A better comparison would be to FreeBSD which has the same attitude and target demographic as Linux and does get some commercial involvement - in most cases with patches going back upstream - but it just never catches up. License?

Development structure. FreeBSD's always developed itself as one cohesive source tree with a relatively small group of people allowed to work on it as opposed to the half billion Linux based forks all going out in divergent directions all catering to different niche groups.

Which style is better is up to perspective, but you can't deny the Linux world has a much deeper "genetic pool" to draw from, even if it does get slightly polluted at times.

Development structure. FreeBSD's always developed itself as one cohesive source tree with a relatively small group of people allowed to work on it as opposed to the half billion Linux based forks all going out in divergent directions all catering to different niche groups.

Anyone is allowed to fork the BSD code at any time; this is the same for both Linux and the BSDs.
I don't know why people seem to think that Linux is this happy democratic dreamland where every man and his dogs has commit access. If Linux doesn't want your stuff in the kernel it's not getting there. This has happened many times before and it will happen again (and there's nothing wrong with this).

If OpenBSD weren't actively hostile against blobs and other proprietary stuff I wouldn't use it. Or maybe I'd still use it - lacking any really free alternative - because of its strong adherence to the original UNIX principles. OpenBSD developers care a lot about code quality and security, beyond the buzzwords of the moment.

First off, don't get me wrong I like OpenBSD, but somehow I feel with all that security stuff they create a strange hype they can't live up to.

First off their packages are often outdated. Oh and do they even care for secure transmission, like a signed list of MD5/whatever sums so one can verify to load the right ones?

They also had strange bugs, like a wrong implementation of the C floor function in their standard lib on some hardware.

They also advertise/hype stuff that's common practice in many open source projects anyway. Like code reviews or considering missing or wrong documentation as a bug. Not bad, but sounds like hype which they pretend to not do.

There are also other things that just sound more secure, like using blowfish instead of a random one-way function for password encryption.

I think OpenBSD has lots of great stuff to offer. They support lots of interesting hardware, where there aren't any other open alternatives, but Linux. HPPA for example. Gentoo and Debian work there as well, but both have tons of bugs.

Encrypted swap by default certainly is a nice feature, while counting just security holes in a default installation sounds more like hype than security.

Also I wonder about the fact that they always ask for donation, especially because everyone uses OpenSSH (damn awesome software!), but don't participate in Google's Summer of Code.

What I want to say with that is that they are nice and reasonable. I really like the fact that they are so conservative, but to me it also looks like it is their biggest problem blocking progress. I don't see OpenBSD in any danger, because there is a very loyal community, but I'd like to see more new stuff. Since they are a lot into security it would be cool to see some new things happen in that area. For example ways to deal with the insecurity of the C programming language. I think they'd be able to create lots of problems to deal with that problem, but lately they seem more interested in removing GPL code.

They also advertise/hype stuff that's common practice in many open source projects anyway. Like code reviews or considering missing or wrong documentation as a bug. Not bad, but sounds like hype which they pretend to not do.

Frankly, that might be the case for some projects but it is far from usual. I recommend De Raadt's speech on the release process. Compare with Xorg. Not the fixed version in your OS but the real thing.

Also I wonder about the fact that they always ask for donation, especially because everyone uses OpenSSH (damn awesome software!), but don't participate in Google's Summer of Code.

My guess? They don't want to deal with people feeling entitled to commit their cool stuff on one hand, and students that still have many things to learn bothering them on the other.

The OpenBSD developer team is built on trust. They expect one to make many minor contributions, do boring testing, etc before being allowed to play with a new malloc.

Other projects would just review the contributed source and commit.

This attitude probably throws away perfectly good code but consider the following: "My code is secure" - Anonymous Coward. "My code is secure" - Someone who you know has picked up and fixed many bugs in the past.
BTW, trust is there "in addition to" code reviews, not "instead of".

ACLs, jails, package signing will be there the day someone is willing to do the hard work and make them acceptable to the existing devs. In OpenBSD, "stupid" is a synonym for "No one has been willing to do it right".

For example ways to deal with the insecurity of the C programming language. I think they'd be able to create lots of problems to deal with that problem, but lately they seem more interested in removing GPL code.

The "insecurity" of the C language has been dealt with as far as they are concerned. They are more worried about higher level bugs such as juggling with permissions, trusting user input, race conditions, algorithm holes, etc. Haskell, Java or C, it doesn't matter if something is logically wrong.